Mint or rotate the tenant identity-verification signing secret
POST/api/v1/admin/identity/rotate-secret
Generates a new HMAC signing secret for verify-mode identity assertions and returns it in the response body (only time it is shown). The first call flips the tenant from trust mode to verify mode; subsequent calls rotate, keeping the prior secret valid for a 24 h overlap (previousSecretExpiresAt). The secret is never written to the audit log. Dual-auth: both paths require manage_settings.
Responses
- 200
- 400
- 401
- 403
- 404
- 409
- 422
- 429
- 500
Default Response
Default Response
Default Response
Default Response
Default Response
Default Response
Default Response
Default Response
Default Response